DES algorithm generally has two key points. The first is encryption mode and the second is data filling. The main meaning of the encryption mode is that the encryption algorithm is encrypted by blocks. For example, DES is 64Bit for encryption, which means 8 bytes are encrypted each time. Therefore, the plaintext of eight bytes is input every time and outputs eight bytes of ciphertext. If it is 16 bytes, it is divided into two blocks for encryption in sequence. The problem appears here. If the plaintext is 1234567812345678 and is encrypted in blocks, then the encryption result is similar to "C4132737962C519C", which can see the rules of plaintext. This is the ECB encryption mode, and the ciphertext can see the rules of plaintext; in order to solve this problem, there are other encryption modes: CBC Encryption mode (password packet connection), CFB encryption mode (password feedback mode), OFB encryption mode (output feedback mode) CBC requires an initialized vector, and then each output is used with the vector, and the result of the operation is used as the initialization vector of the next encryption block. CFB and OFB do not need to provide the initialization vector, and directly use the password or output as the initialization vector for operation; this avoids the occurrence of plain text in the ciphertext; of course, the disadvantage is that the correctness of the ciphertext needs to be ensured during decryption. If a part of the error occurs during network transmission, the subsequent decryption result may be wrong; (ECB mode only affects the block that transmits the wrong transmission. The cipher algorithm is basically encrypted by grouping (fast). If the length of the ciphertext is not just right, it can be grouped, what should I do? Only fill it.
Common encryption algorithms include ECB mode and CBC mode:
The first electronic secret book method (ECB)
ECB mode: The electronic cryptographic method is to encrypt or decrypt the data in 8 bytes in a segment to obtain an 8 byte ciphertext or plaintext. If the last segment is less than 8 bytes, then 8 bytes are supplemented (note: this involves data replacement) for calculation, and then the calculated data are connected in order, so that each segment of data does not affect each other. The plain text is divided into n 64-bit packets. If the plain text length is not a multiple of 64-bit, the appropriate number of specified symbols will be filled at the end of the plain text. The plain text group is encrypted separately with the given key, and the line ciphertext C=(C0,C1,...,Cn-1) where Ci=DES(K,xi), i=0,1,.....,n-1. This is the default mode for Java encapsulated DES algorithm.
The second ciphertext group linking method (CBC)
In the CBC mode, each plaintext group xi is bit-module two-plus with the first group of ciphertext before encryption, and then sent to DES encryption. The CBC method overcomes the disadvantage of ECB mode reporting internal group replication, but since the plaintext group is related to a group of ciphertext before encryption, the errors of the previous group of ciphertexts will be propagated to the next group. This is the default mode of the DES algorithm encapsulated by .NET. It is more troublesome and the encryption steps are as follows:
1. First group the data into groups of 8 bytes to obtain D1D2...Dn (If the data is not an integer multiple of 8, it involves data replacement)
2. DES encryption is performed to obtain the first ciphertext C1 after the first set of data D1 and vector I (note: there is a saying about vector I here, vector I is not used in ECB mode)
3. The second set of data D2 and the encryption result C1 of the first set are encrypted by DES to obtain the second set of ciphertext C2
4. The following data and so on will get Cn
5. Concatenate C1C2C3 in order...Cn is the encryption result.
The third ciphertext feedback method (CFB), which can be used for serial passwords
Plain text X=(x0,x1,...,xn-1), where xi consists of t bits 0 The fourth output feedback method (OFB), which can be used for sequence passwords
The only difference from CFB is that OFB directly takes the t bits output by DES, rather than the t bits of the ciphertext, and the rest are the same as CFB. But it takes the output of DES, so it overcomes the disadvantage of CFB's ciphertext error propagation
Data replacement generally includes NoPadding and PKCS7Padding (PKCS5Padding in Java) filling methods. PKCS7Padding and PKCS5Padding are actually different in protocols. According to relevant information, PKCS5Padding clearly defines that the encryption block is 8 bytes, and PKCS7Padding encryption fast can be between 1-255. However, the encapsulated DES algorithms are all 8 bytes by default, so you can think that they are the same. Data complement is actually a filling process that only when the data is less than 8 bytes of multiples, and only when the data is less than 8 bytes is filled.
NoPadding fill method: The algorithm itself does not fill. For example, .NET padding provides None and Zeros methods, which are not filled and filled with 0 respectively.
PKCS7Padding (PKCS5Padding) fill method: It is the default fill method for .NET and Java. The balance of the encrypted data byte length pair 8 is r. If r is greater than 0, then 8-r bytes are supplemented, and the bytes are the value of 8-r; if r is equal to 0, then 8 bytes are supplemented. For example:
If the encrypted string is AAA, the complement is AAA55555; if the encrypted string is BBBBBBB, the complement is BBBBB22; if the encrypted string is CCCCCCCCCC, the complement is CCCCCCCC888888888.
DES encryption in .NET
For .NET, the framework provides DESCryptoServiceProvider as a wrapper interface for encryption and decryption under the namespace, which provides the following 4 methods:
public override ICryptoTransform CreateDecryptor(byte[] rgbKey, byte[] rgbIV)
public override ICryptoTransform CreateEncryptor(byte[] rgbKey, byte[] rgbIV)
public override void GenerateIV()
public override void GenerateKey()
From the .NET class library encapsulation situation, encrypting and decrypting requires passing in a Key and IV vector. Moreover, the key must be 8 bytes of data, otherwise an exception will be thrown directly. When using ECB mode, the encryption result will be the same regardless of what IV vector is passed in.